Assembling Metadata for Database Forensics - Archive ouverte HAL Access content directly
Conference Papers Year : 2011

Assembling Metadata for Database Forensics

(1, 2) , (1) , (1)
1
2

Abstract

Since information is often a primary target in a computer crime, organizations that store their information in database management systems (DBMSs) must develop a capability to perform database forensics. This paper describes a database forensic method that transforms a DBMS into the required state for a database forensic investigation. The method segments a DBMS into four abstract layers that separate the various levels of DBMS metadata and data. A forensic investigator can then analyze each layer for evidence of malicious activity. Tests performed on a compromised PostgreSQL DBMS demonstrate that the segmentation method provides a means for extracting the compromised DBMS components.
Fichier principal
Vignette du fichier
978-3-642-24212-0_7_Chapter.pdf (196.39 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01569562 , version 1 (27-07-2017)

Licence

Attribution - CC BY 4.0

Identifiers

Cite

Hector Beyers, Martin Olivier, Gerhard Hancke. Assembling Metadata for Database Forensics. 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. pp.89-99, ⟨10.1007/978-3-642-24212-0_7⟩. ⟨hal-01569562⟩
60 View
496 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More